Exploit the possiblities
Showing 1 - 25 of 39 RSS Feed

Files Date: 2011-10-27

Ubuntu Security Notice USN-1249-1
Posted Oct 27, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1249-1 - It was discovered that BackupPC did not properly sanitize its input when processing backup browser error messages, resulting in a cross-site scripting (XSS) vulnerability. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. This issue did not affect Ubuntu 11.10. Jamie Strandboge discovered that BackupPC did not properly sanitize its input when processing log file viewer error messages, resulting in cross-site scripting (XSS) vulnerabilities.

tags | advisory, remote, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2011-3361
MD5 | 7e111d7cad2365411a96ee7bfdea39f3
Zero Day Initiative Advisory 11-316
Posted Oct 27, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-316 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime processes the matrix structures in the 'tkhd' atom for mp4 files. When the matrix structure contains large values a movs instruction can turn the value negative. When Quicktime later uses the function to determine where it should write its data it does check the upper boundaries, but not the lower ones causing a heap buffer underwrite. This can result in remote code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-3251
MD5 | a84bec756bcff931e233c24d207f24da
Zero Day Initiative Advisory 11-315
Posted Oct 27, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-315 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime decodes flic file. Flic files can contain FLC Delta Decompression block containing Run Length Encoded data. Quicktime fails to correctly checking the decompression size when decoding the RLE data. This allows for a 4 byte overwrite past the end of the buffer which could result into remote code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-3249
MD5 | cf25d840505350633407351120274590
Zero Day Initiative Advisory 11-314
Posted Oct 27, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-314 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a specific opcode within a PCT file. When resizing a heap buffer, the application will use a signed word read from the file to calculate the resulting size. This can be used to force the target buffer to be of an undersized length. Usage of this buffer will result in a buffer overflow in the context of the application.

tags | advisory, remote, overflow, arbitrary
systems | apple
advisories | CVE-2011-3247
MD5 | bb86b757a3cbef1312a56dfad0a2531a
Zero Day Initiative Advisory 11-313
Posted Oct 27, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-313 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime decodes flic file. Flic files can contain FLC Delta Decompression block containing Run Length Encoded data. When Quicktime tries to decompress this data it reads a user supplied RLE Packet count field from the file and uses that as loop counter. A high value for this field will cause Quicktime to write outside previously allocated memory which could result into remote code execution.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-3223
MD5 | d964d43fc540f8103b2e4554b8f34787
Xorg Permission Change
Posted Oct 27, 2011
Authored by vladz

Xorg versions 1.11.2 and below suffer from a permission change vulnerability that allows a local user the ability to set an arbitrary file to 444.

tags | exploit, arbitrary, local
MD5 | 53807843e097137be368ae2215a18c31
Zero Day Initiative Advisory 11-312
Posted Oct 27, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-312 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses the atom hierarchy within a QuickTime movie file. In a certain situation the application will pass execution to another function for handling the atom, however, will pass the incorrect number of arguments. Due to this, a variable will be treated as a pointer. This can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-3221
MD5 | e09df08c3ae932c8998aaf6e0c10f3a4
Zero Day Initiative Advisory 11-311
Posted Oct 27, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-311 - This vulnerability allows remote attackers to potentially disclose memory addresses on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how QuickTime.qts parses a data handler in specific atom within a .mov file. The application will utilize a string length to copy data into an heap buffer, if the string is of zero-length, the application will fail to copy anything and then proceed to use the uninitialized buffer as a string.

tags | advisory, remote
systems | apple
advisories | CVE-2011-3220
MD5 | 2edb765a47b2f312adfd89db39f8a871
OpenCart 1.5.1.1 HTTP Response Splitting
Posted Oct 27, 2011
Authored by indoushka

OpenCart version 1.5.1.1 suffers from a CRLF injection / HTTP response splitting vulnerability.

tags | advisory, web
MD5 | c22d1178fd3348a8fc3a8887883329b1
Facebook.com Attach EXE Bypass
Posted Oct 27, 2011
Authored by Nathan Power

Facebook.com suffers from a bypass vulnerability where an executable can be attached to a message if a spaced is added to the name.

tags | advisory, bypass
MD5 | 219c79305b2961d84f0c69608ceedce5
Debian Security Advisory 2329-1
Posted Oct 27, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2329-1 - Bartlomiej Balcerek discovered several buffer overflows in torque server, a PBS-derived batch processing server. This allows an attacker to crash the service or execute arbitrary code with privileges of the server via crafted job or host names.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-2193
MD5 | e4e1d2fe1bcc712a32f73985c1979c83
Toshiba eStudio Printer Information Leakage
Posted Oct 27, 2011
Authored by Deral Heiland | Site foofus.net

The Toshiba eStudio multifunction printer suffers from an information leakage vulnerability as passwords can be extracted in plaintext from the html source code of various configuration pages.

tags | exploit
MD5 | 7cb183a739fd4899787331e98469c256
Cisco Unified Contact Center Express Directory Traversal
Posted Oct 27, 2011
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

The default deployment of Cisco Unified Contact Center Express (UCCX) system is configured with multiple listening services. The web service that is listening on TCP port 9080, or on TCP port 8080 in versions prior to 8.0(x), serves a directory which is configured in a way that allows for a remote unauthenticated attacker to retrieve arbitrary files from the UCCX root filesystem through a directory traversal attack. It is possible for an attacker to use this vector to gain console access to the vulnerable node as the 'ccxcluster' user, and subsequently escalate privileges.

tags | advisory, remote, web, arbitrary, root, tcp
systems | cisco
advisories | CVE-2011-3315
MD5 | a35722c26845aaa0b0c6b472b18c85de
GTA SA-MP server.cfg Buffer Overflow
Posted Oct 27, 2011
Authored by Silent_Dream | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in GTA SA-MP Server. This buffer overflow occurs when the application attempts to open a malformed server.cfg file. To exploit this vulnerability, an attacker must send the victim a server.cfg file and have them run samp-server.exe.

tags | exploit, overflow
MD5 | 9d793473abcf7de97089429feeba17d8
SANS AppSec Summit 2012 Call For Papers
Posted Oct 27, 2011
Site sans.org

The SANS AppSec Summit Call For Papers has been announced. This event will take place in Las Vegas, Nevada from April 30th through May 1st, 2012.

tags | paper, conference
MD5 | 802557ea9acbfd6cdf54ec80ff2b63f2
phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection
Posted Oct 27, 2011
Authored by EgiX, juan vazquez | Site metasploit.com

This Metasploit module exploits an arbitrary PHP code execution flaw in the phpScheduleIt software. This vulnerability is only exploitable when the magic_quotes_gpc PHP option is 'off'. Authentication is not required to exploit the bug. Version 1.2.10 and earlier of phpScheduleIt are affected.

tags | exploit, arbitrary, php, code execution
advisories | CVE-2008-6132, OSVDB-48797
MD5 | 179505f049f45b2c6e2fcf649864c209
eFront 3.6.10 Build 11944 Shell Upload / Code Execution / SQL Injection
Posted Oct 27, 2011
Authored by EgiX

eFront versions 3.6.10 build 11944 and below suffer from code execution, authentication bypass, shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, code execution, sql injection
MD5 | 95a54493d5cdcd8a8b22b335ad163292
OWASP Mantra c0c0n 11 / AppSecLatam 11 0.71 Beta
Posted Oct 27, 2011
Site getmantra.com

OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the platform independent release.

tags | tool, web
MD5 | 6fdb5e9408261d741f24cb83df4b4066
Secunia Security Advisory 46347
Posted Oct 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for cyrus-imapd. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, suse
MD5 | 7c582b2c4f174a63e9dee1622a0b5b33
Secunia Security Advisory 46531
Posted Oct 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Presta2PhpList module for PrestaShop, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 0c1018cfb295a07fb993182109deaa7a
Secunia Security Advisory 46584
Posted Oct 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux
MD5 | 0aa50ccdf77f63d06b0cfa66848bc7ee
Secunia Security Advisory 46596
Posted Oct 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for freetype. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, redhat
MD5 | 30e73de3c419580d99a47883e31742e6
Secunia Security Advisory 46574
Posted Oct 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere ILOG Rule Team Server, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 2fa9021aeff7dafec103bf682cd9d592
Secunia Security Advisory 46581
Posted Oct 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for mod_authnz_external. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
systems | linux, gentoo
MD5 | 0eff3f6bcab498c6149db810bfeb2ba7
Secunia Security Advisory 46592
Posted Oct 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for kde4libs. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, ubuntu
MD5 | 1096f54577a02f2be1d75feb1ee66d45
Page 1 of 2
Back12Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    1 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close